Operational Risk Mng- Cyber & Resilience

We're Hiring: Operational Risk Manager Cyber & Resilience

Location: Remote, however Travel to London, Canary Wharf 1x a Month is required

Department: Risk

Hours: Monday - Friday 09:00-17:30

We're looking for an Operational Risk Manager Cyber & Resilience to join our Risk team and provide independent second line oversight across cyber, technology and operational resilience risks.

This is a key assurance role, offering exposure to senior stakeholders and committees, where you'll combine strong cyber and information security knowledge with practical risk management expertise.

You'll act as a trusted subject matter expert, translating complex cyber risks into clear, business focused insight that supports informed decision making.

• Provide independent review and challenge of first line cyber, resilience and technology risk management activities.
• Oversee cyber risk coverage within RCSAs, scenario analysis and operational risk assessments.
• Assess control design and effectiveness across areas including:
  • Cyber and information security
  • Cloud and third party technology services
  • Data protection, availability and resilience
• Identify emerging and interconnected cyber risks, escalating where risk appetite may be threatened.
• Provide second line oversight of cyber incidents, near misses and control failures, including root cause analysis and remediation.
• Track and validate closure of significant cyber risk issues and audit findings.
• Support the development and monitoring of risk indicators, thresholds and tolerances.
• Partner closely with Operational Resilience teams to embed cyber risk into:
  • Important Business Services mapping
  • Impact tolerances
  • Severe but plausible cyber scenarios
• Produce high quality management information and reporting for senior forums, including executive committees and Board level packs.
• Act as a risk business partner to selected areas, building strong collaborative relationships while maintaining independence.

• Strong experience in cyber security, information security or technology risk.
• Experience working in a heavily regulated environment
• Background in Risk, Audit or Compliance, with a solid understanding of risk and control frameworks.
• Ability to communicate complex technical topics clearly to non technical stakeholders.
• Confident, organised and detail focused, with the resilience to operate in a changing regulatory and technology landscape.
• Comfortable working independently while contributing to a close knit team.
• Strong working knowledge of Microsoft Excel and PowerPoint.
• Professional certifications such as CISA, CRISC, IRM or equivalent.
• Experience working with AI would be an advantage

At Kensington Mortgages, we believe our employees are the heart of our success. We are committed to creating a supportive and flexible work environment that values personal growth, professional development and a healthy work life balance

Our inclusive culture respects and celebrates diversity in all its forms, ensuring that everyone feels welcome, valued and understood. We recognise and appreciate differences in thinking, learning styles, gender, race, identity, ethnic origins and sexual expression.